
<html xmlns="http://www.w3.org/1999/xhtml"><!-- InstanceBegin template="/Templates/Template.dwt" codeOutsideHTMLIsLocked="false" -->
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312" />
<!-- InstanceBeginEditable name="doctitle" -->
<title>CircleU</title>
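<?php
	// Page controller: checks the session, handles the profile form submission
	// (including the optional photo upload) and prepares the three result sets
	// ($statement, $statement1, $statement2) that the sidebar below reads.
	//
	// NOTE(review): session_start() and header() run after the template has already
	// emitted markup above this block, so they depend on output buffering being
	// enabled - confirm, or move this block above the first byte of output.
 	session_start();
	// header() only queues a redirect. Without exit the rest of the page (queries and
	// the profile update handler) would still run for a visitor who is not logged in.
	if (empty($_SESSION["login"])) {
		header('Location: error_page.php');
		exit;
	}
	include("db_util.php");
	putenv("ORACLE_HOME=/usr/local/libexec/oracle/app/oracle/product/11.2.0/client_1");
	$connection=DbConnect();
	if(!$connection)
		echo "DisConnected!<br>";

	// GSID is request-controlled and is later used in SQL and in links on this page.
	// The queries compare it to sid without quotes, so only a plain decimal id is accepted.
	if (isset($_GET["GSID"])) {
		if (!is_string($_GET["GSID"]) || !ctype_digit($_GET["GSID"])) {
			header('Location: error_page.php');
			exit;
		}
		$SID = $_GET["GSID"];
	} else {
		$SID = $_SESSION["StuID"];
	}

	//Yan Qiao
	$student = get_student_info_with_con($connection, $_SESSION["StuID"]);
	$check_OK = true;
	$msg = " ";
	$error_msg = " ";
	if (isset($_POST["submit"])) {
		// Validate the same source the update functions read ($_POST). $_REQUEST also
		// contains query-string and cookie values, so checks on it could pass while the
		// POST fields that reach the database are missing.
		$missing_required = false;
		foreach (array("fname", "lname", "password1", "password2") as $required_field) {
			if (!isset($_POST[$required_field]) || !is_string($_POST[$required_field]) || $_POST[$required_field] === "") {
				$missing_required = true;
			}
		}
		$phone = (isset($_POST["phone"]) && is_string($_POST["phone"])) ? $_POST["phone"] : "";

		// Only treat the request as carrying a photo when PHP reports a single-file upload.
		$upload = null;
		if (isset($_FILES["profile_pic"]) && is_int($_FILES["profile_pic"]["error"])
			&& $_FILES["profile_pic"]["error"] != UPLOAD_ERR_NO_FILE) {
			$upload = $_FILES["profile_pic"];
		}

		if ($missing_required) {
			$check_OK = false;
			$error_msg = "Please enter fields that are marked '*'";
		} elseif ($_POST["password1"] !== $_POST["password2"]) {
			// Strict comparison: with != two different numeric-looking strings can compare equal.
			$check_OK = false;
			$error_msg = "Double check your password!";
		} elseif ($phone !== "" && !ctype_digit($phone)) {
			// Check the raw value. Sanitising first and testing the sanitised copy accepted
			// input whose unsanitised form was then written into the UPDATE statement.
			$check_OK = false;
			$error_msg = "Please enter a valid phone!";
		} elseif ($upload !== null) {
			// Image types accepted, keyed by what getimagesize() detects in the file itself.
			// The browser-supplied MIME type and file name are not trusted for this decision.
			$extension_by_type = array(IMAGETYPE_GIF => ".gif", IMAGETYPE_JPEG => ".jpg");
			if ($upload["error"] != UPLOAD_ERR_OK) {
				$check_OK = false;
				$error_msg = "Photo upload error: " . $upload["error"];
			} else {
				$image_info = @getimagesize($upload["tmp_name"]);
				if ($image_info === false || !isset($extension_by_type[$image_info[2]]) || $upload["size"] >= (500*1024)) {
					$check_OK = false;
					$error_msg = "Invalid picture. Please upload gif/jpeg/pjpeg picture within 500K.";
				} else {
					// Build the stored name from a whitelisted character set plus an extension
					// chosen by the server, so a client-supplied name cannot introduce path
					// separators or a script extension into the web-served picture directory.
					$base_name = preg_replace('/[^A-Za-z0-9_-]/', '_', pathinfo($upload["name"], PATHINFO_FILENAME));
					if ($base_name === "" || $base_name === null) {
						$base_name = "photo";
					}
					$stored_name = $base_name . $extension_by_type[$image_info[2]];
					$new_profile_pic = "./picture/student/" . $_SESSION["StuID"] . "/" . $stored_name;
					if (file_exists($new_profile_pic)) {
						$check_OK = false;
						$error_msg = $stored_name . " already exists. ";
					} elseif (!move_uploaded_file($upload["tmp_name"], $new_profile_pic)) {
						// Do not record a picture path in the database that was never written.
						$check_OK = false;
						$error_msg = "Photo upload error: " . $upload["error"];
					} else {
						// NOTE(review): the picture directory is served by the web server; it
						// should be configured so that nothing inside it is executed as a script.
						update_student_info_with_pic($connection, $_SESSION["StuID"], $new_profile_pic);
						$student = get_student_info_with_con($connection, $_SESSION["StuID"]);
					}
				}
			}
		} else {
			update_student_info($connection, $_SESSION["StuID"]);
			$student = get_student_info_with_con($connection, $_SESSION["StuID"]);
			$msg = "Profile Updated.";
		}
	}

	// ~Yan Qiao
	// The profile id is passed as a bind variable instead of being concatenated into the
	// statement text, so its value can never change the structure of the query.
	$statement = oci_parse($connection, 'SELECT * FROM Student where sid = :sid');
	oci_bind_by_name($statement, ':sid', $SID);
	$statement1 = oci_parse($connection, 'SELECT name, GID FROM STUGROUP SG, GROUPS G WHERE sg.STUDENTID = :sid and G.GID=SG.GroupID');
	oci_bind_by_name($statement1, ':sid', $SID);
	$statement2 = oci_parse($connection, 'SELECT cname, CID FROM StuCourse SC, Course C WHERE sc.STUDENTID = :sid and C.CID=SC.CourseID');
	oci_bind_by_name($statement2, ':sid', $SID);
	oci_execute($statement);
	oci_execute($statement1);
	oci_execute($statement2);
	// Position $statement on the student's row; the sidebar reads its columns with OCIResult().
	ocifetch ( $statement ) ;
?>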
<!-- InstanceEndEditable -->
<style type="text/css">
<!--

a:link   {
text-decoration:   none;
}
a:visited   {
text-decoration:   none;
}
a:hover   {
text-decoration:   underline;
} 
.try {
	background-color: #FFFFFF;
	position: relative;
	z-index: auto;
	visibility: visible;
	clip: rect(auto,auto,auto,auto);
	width: auto;
	height: 76px;
}
.copyright {
	position: absolute;
	left: 150px;
	top: 600px;
	font-size: large;
	height: 22px;
}
.LayerImg {
	left: auto;
}
.CircleU {
	font-family: "Comic Sans MS";
	font-size: xx-large;
	font-weight: bold;
	position: relative;
	left: 20px;
	top: auto;
	height: auto;
	width: auto;
	visibility: visible;
	background-position: left;
	color: #3333FF;
}

#Title1 {
	position:absolute;
	width:1096px;
	height:60px;
	z-index:2;
	left: 9px;
	top: 6px;
}



}

#Dwt01 {
	position:absolute;
	width:1092px;
	height:500px;
	right: 9px;
	top: 80px;
}
#LeftLayer {
	position:absolute;
	width:200px;
	height:500px;
	z-index:3;
	left: 11px;
	top: 77px;
	background-color: #FF6600;
}
#EditR1 {
	position:absolute;
	width:878px;
	height:500px;
	z-index:4;
	left: 221px;
	top: 77px;
}
.STYLE3 {color: #0000CC}
-->
</style><script type="text/JavaScript">
<!--
function MM_findObj(n, d) { //v4.01
  // Looks up a named object in document d (default: the current document).
  // A name of the form "name?frame" is resolved inside parent.frames[frame].
  // Lookup order: d[n], d.all[n], each form's member n, nested layers, getElementById.
  var found, idx, qpos;
  if (!d) { d = document; }
  qpos = n.indexOf("?");
  if (qpos > 0 && parent.frames.length) {
    d = parent.frames[n.substring(qpos + 1)].document;
    n = n.substring(0, qpos);
  }
  found = d[n];
  if (!found && d.all) { found = d.all[n]; }
  for (idx = 0; !found && idx < d.forms.length; idx++) {
    found = d.forms[idx][n];
  }
  // Recurse into each layer's own document until something is found.
  for (idx = 0; !found && d.layers && idx < d.layers.length; idx++) {
    found = MM_findObj(n, d.layers[idx].document);
  }
  if (!found && d.getElementById) { found = d.getElementById(n); }
  return found;
}

function MM_showHideLayers() { //v6.0
  // Arguments come in triples; the first item of each triple is the object name passed
  // to MM_findObj and the third is the visibility to apply ('show', 'hide' or a raw value).
  var params = arguments, pos, target, state;
  for (pos = 0; pos < (params.length - 2); pos += 3) {
    target = MM_findObj(params[pos]);
    if (target == null) { continue; }
    state = params[pos + 2];
    if (target.style) {
      // Objects with a style property take the CSS keywords instead of show/hide.
      target = target.style;
      if (state == 'show') {
        state = 'visible';
      } else if (state == 'hide') {
        state = 'hidden';
      }
    }
    target.visibility = state;
  }
}
//-->
</script>
<!-- InstanceBeginEditable name="head" --><!-- InstanceEndEditable -->
</head>

<body>
<center>
  <div id="Title1">
    <table width="1092" height="59" bgcolor="#FF6600">
      <tr>
        <td rowspan="2" class="CircleU"><div align="left"><?php echo "<a href=\"index.php\">"; ?> <span class="STYLE3">CircleU</a></span></div></td>
        <td width="128"><div align="right"><?php echo "<a href=\"Personal.php\">"; ?> My Page </a></div></td>
        <td width="111"><div align="right"><?php echo "<a href=\"SignOut.php\">"; ?>Sign Out </a></div></td>
        <td width="120"><div align="center"><?php echo "<a href=\"ContactUs.php\">"; ?>Contact Us</a></div></td>
      </tr>
      <tr>
        <td><form id="form2" name="form2" method="post" <?php echo "action=\"AdvancedSearch.php\""; ?>>
          <label>
            <input type="submit" name="AdvancedSearch" value="Advanced Search" />
          </label>
        </form>
        </td>
        <td colspan="2"><form id="form1" name="form1" method="post" <?php echo "action=\"SearchResult.php\""; ?>>
          <label>
            <input type="text" name="SearchText" />
          </label>
          <label>
          <input type="submit" name="SearchResult" value="search" />
          </label>
        </form>        </td>
      </tr>
    </table>
  </div>
  <div class="copyright">
<p>Copyright &copy; 2011 CircleU built in University of Florida. All rights reserved.</p>

</div>

 
  
  

  <div id="LeftLayer">
  <div id="Layerleft2">
  <?php

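  // PROFILE_PIC and SID come from the database; PROFILE_PIC is derived from an uploaded
  // file name. Encode both for the context they are written into (HTML attribute, URL
  // parameter) so stored values cannot break out of the markup. GB2312 matches the
  // charset declared in this page's meta tag.
  $profile_pic_src = htmlspecialchars((string) OCIResult( $statement, 'PROFILE_PIC' ), ENT_QUOTES, 'GB2312');
  if (isset($_GET["GSID"])) {
    $album_href = "PictureView.php?GSID=" . urlencode((string) OCIResult( $statement, 'SID' ));
  } else {
    $album_href = "PictureView.php";
  }
  echo "<a href=\"" . $album_href . "\"><img src=\"" . $profile_pic_src . "\" alt=\"Profile picture\" width=\"200\" height=\"133\" /></a>";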
 
  ?>
  </div>
  <div id="Layerleft3">
  <?php 
  
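  /**
   * Records a friendship between the logged-in student and the student named by the
   * GSID query parameter, as two isfriend rows (one per direction).
   *
   * Reads $_SESSION["StuID"] and $_GET["GSID"]; does nothing when GSID is missing or
   * is not a plain decimal id.
   *
   * NOTE(review): this is triggered by a POST that carries no anti-CSRF token in the
   * form visible in this file - confirm whether one is enforced elsewhere.
   *
   * @param resource $connection Open OCI8 connection.
   */
  function AddAsFriend($connection)
	{
	if (!isset($_GET["GSID"]) || !is_string($_GET["GSID"]) || !ctype_digit($_GET["GSID"])) {
		return;
	}
	$own_id = $_SESSION["StuID"];
	$other_id = $_GET["GSID"];

	// Both ids travel as bind variables, so request data never becomes part of the SQL text.
	$InsertRelationShip = oci_parse($connection, 'Insert into isfriend values(:s1, :s2)');
	oci_bind_by_name($InsertRelationShip, ':s1', $own_id);
	oci_bind_by_name($InsertRelationShip, ':s2', $other_id);
	oci_execute($InsertRelationShip);
	oci_free_statement($InsertRelationShip);

	// Same insert with the pair reversed, so the relation can be found from either side.
	$InsertRelationShip = oci_parse($connection, 'Insert into isfriend values(:s1, :s2)');
	oci_bind_by_name($InsertRelationShip, ':s1', $other_id);
	oci_bind_by_name($InsertRelationShip, ':s2', $own_id);
	oci_execute($InsertRelationShip);
	oci_free_statement($InsertRelationShip);
	}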
	
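	 /**
	  * Deletes the isfriend rows (both directions) linking the logged-in student and
	  * the student named by the GSID query parameter.
	  *
	  * Reads $_SESSION["StuID"] and $_GET["GSID"]; does nothing when GSID is missing or
	  * is not a plain decimal id.
	  *
	  * NOTE(review): like AddAsFriend, this state change is reachable by a POST with no
	  * anti-CSRF token visible in this file - confirm.
	  *
	  * @param resource $connection Open OCI8 connection.
	  */
	 function RemoveFriend($connection)
	{
	if (!isset($_GET["GSID"]) || !is_string($_GET["GSID"]) || !ctype_digit($_GET["GSID"])) {
		return;
	}
	$own_id = $_SESSION["StuID"];
	$other_id = $_GET["GSID"];

	// Bind variables replace string concatenation; each placeholder has its own name so
	// every occurrence is bound explicitly.
	$query = 'Delete from isfriend where (s1 = :own_a and s2 = :other_a) or (s1 = :other_b and s2 = :own_b)';
	$DeleteRelationShip = oci_parse($connection, $query);
	oci_bind_by_name($DeleteRelationShip, ':own_a', $own_id);
	oci_bind_by_name($DeleteRelationShip, ':other_a', $other_id);
	oci_bind_by_name($DeleteRelationShip, ':other_b', $other_id);
	oci_bind_by_name($DeleteRelationShip, ':own_b', $own_id);
	oci_execute($DeleteRelationShip);

	oci_free_statement($DeleteRelationShip);
	}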
	
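	// Apply a pending friend action first so the button rendered below reflects the new state.
	// NOTE(review): the form below carries no anti-CSRF token, so another site could submit
	// it on behalf of a logged-in student - consider adding a per-session token check here.
	if (isset($_POST["Remove"])) {
		RemoveFriend($connection);
	} elseif (isset($_POST["Add"])) {
		AddAsFriend($connection);
	}

	if (!isset($_GET["GSID"])) {
		// Own profile: link to the settings page.
		echo "<a href=\"ProfileSetting.php\">Profile Setting</a>";
	} else {
		// Someone else's profile: offer Remove when a friendship row exists, Add otherwise.
		// The ids are bound rather than concatenated, so GSID cannot alter the query.
		$own_id = $_SESSION["StuID"];
		$other_id = $_GET["GSID"];
		$query = 'SELECT * FROM ISFRIEND where (s1 = :own_a and s2 = :other_a) or (s1 = :other_b and s2 = :own_b)';
		$checkIfFriend = oci_parse($connection, $query);
		oci_bind_by_name($checkIfFriend, ':own_a', $own_id);
		oci_bind_by_name($checkIfFriend, ':other_a', $other_id);
		oci_bind_by_name($checkIfFriend, ':other_b', $other_id);
		oci_bind_by_name($checkIfFriend, ':own_b', $own_id);
		oci_execute($checkIfFriend);
		$already_friends = ocifetch($checkIfFriend);
		oci_free_statement($checkIfFriend);

		echo "<form id=\"removeoradd\" name=\"removeoradd\" method=\"post\" action=\"\">" . "<input type=\"submit\" ";
		if ($already_friends) {
			echo "name=\"Remove\" value=\"Remove\"";
		} else {
			echo "name=\"Add\" value=\"Add as friend\"";
		}
		echo "/></form>";
	}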
  ?>
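    <?php
    // Sidebar profile table. Every value below was entered by a student (or derived from
    // the request), so it is HTML-escaped before output; ids placed in links are
    // URL-encoded. GB2312 matches the charset declared in this page's meta tag.
    ?>
    <table width="200" border="1" bgcolor="#FF6600" id="profile" style="table-layout: fixed;" >
	<tr>
        <td width="84"><span class="STYLE4">First Name: </span></td>
        <td width="100"><?php
  echo htmlspecialchars((string) OCIResult( $statement, 'FIRST_NAME' ), ENT_QUOTES, 'GB2312');
  ?></td>
      </tr>
	  <tr>
        <td width="84"><span class="STYLE4">Last Name: </span></td>
        <td width="100"><?php
  echo htmlspecialchars((string) OCIResult( $statement, 'LAST_NAME' ), ENT_QUOTES, 'GB2312');
  ?></td>
      </tr>
      <tr>
        <td width="84"><span class="STYLE4">Department: </span></td>
        <td width="100"><?php
  echo htmlspecialchars((string) OCIResult( $statement, 'DEPARTMENT' ), ENT_QUOTES, 'GB2312');
  ?></td>
      </tr>
      <tr>
        <td><span class="STYLE4">Birthday:</span></td>
        <td><?php
  echo htmlspecialchars((string) OCIResult( $statement, 'BIRTHDAY' ), ENT_QUOTES, 'GB2312');
  ?></td>
      </tr>
      
      <tr>
        <td><span class="STYLE4">Hobbies:</span></td>
        <td><?php
  echo htmlspecialchars((string) OCIResult( $statement, 'HOBBIES' ), ENT_QUOTES, 'GB2312');
  ?></td>
      </tr>
     <tr>
	 
        <td width="84"><span class="STYLE4"><?php 
	 // $SID is taken from the query string when GSID is present, so encode it for the URL.
	 if(isset($_GET["GSID"]))
	 echo "<a href=\"PictureView.php?GSID=" . urlencode((string) $SID) . "\"> Album </a></span>"; else  
	 echo "<a href=\"PictureView.php\"> Album </a></span>";
	 ?></td>
      
      </tr>
      <tr>
        <td style= "word-break:break-all;"><span class="profile">Groups:</span></td>
       <?php
  echo "<td style= \"word-break:break-all; width:40\">";
  // One link per group the student belongs to.
  while (ocifetch($statement1)) {
    echo "<a href=\"GroupPage.php?GID=" . urlencode((string) OCIResult( $statement1, 'GID' )) . "\">" .
      htmlspecialchars((string) OCIResult( $statement1, 'NAME' ), ENT_QUOTES, 'GB2312') . ";</a>";
  }
  ?></td>  </tr>
   <tr>
        <td><span class="profile">Courses:</span></td>
       <?php
  echo "<td>";
  // One link per course; the course id is both the link target and the link text.
  while (ocifetch($statement2)) {
    echo "<a href=\"CourseHome.php?CID=" . urlencode((string) OCIResult( $statement2, 'CID' )) . "\">" .
      htmlspecialchars((string) OCIResult( $statement2, 'CID' ), ENT_QUOTES, 'GB2312') . ";</a>";
  }
  // Last use of the three result sets and of the connection on this page.
  oci_free_statement($statement);
  oci_free_statement($statement1);
  oci_free_statement($statement2);
  oci_close($connection);
  ?></td>      </tr>
  <?php 
  // The friend list link is shown only on the student's own profile.
  if(!isset($_GET["GSID"])){
  echo "<tr>
        
		<td width=\"84\"><span class=\"STYLE4\"><a href=\"FriendList.php\"> Friends </a></span> </td>
      
      </tr>";
  }
  ?>
  
     
    </table>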
  </div>
  
  </div>
  <div id="EditR1"><!-- InstanceBeginEditable name="EditRegion3" -->
<?php
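/**
 * Writes the submitted profile form fields to the student row identified by $sid.
 *
 * Field values are read from $_POST (fname, lname, gender, birthday, department,
 * phone, relationship, hobbies, password1). A field that is absent or not a string
 * is bound as an empty string.
 *
 * NOTE(review): the password is stored exactly as submitted. Moving to a salted hash
 * needs a matching change in the login code, which is not visible in this file.
 *
 * @param resource   $con Open OCI8 connection.
 * @param int|string $sid Id of the student row to update.
 */
function update_student_info($con, $sid) {
	// Every value is a bind variable: form input is never concatenated into the SQL text.
	$query = "update student set FIRST_NAME=:fname, LAST_NAME=:lname, GENDER=:gender, " .
			 "BIRTHDAY=:birthday, DEPARTMENT=:department, PHONE=:phone, " .
			 "RELATIONSHIP=:relationship, HOBBIES=:hobbies, PASSWORD=:password1 where SID=:sid";
	$stmt = oci_parse($con, $query);

	$post_fields = array("fname", "lname", "gender", "birthday", "department",
						 "phone", "relationship", "hobbies", "password1");
	// oci_bind_by_name() binds by reference, so each value needs its own array slot
	// that stays alive until oci_execute() runs.
	$bound = array();
	foreach ($post_fields as $field) {
		$bound[$field] = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : "";
		oci_bind_by_name($stmt, ":" . $field, $bound[$field]);
	}
	oci_bind_by_name($stmt, ":sid", $sid);

	oci_execute($stmt);
	oci_free_statement($stmt);
}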

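/**
 * Same as a plain profile update, but also stores a new profile picture path.
 *
 * Field values are read from $_POST (fname, lname, gender, birthday, department,
 * phone, relationship, hobbies, password1). A field that is absent or not a string
 * is bound as an empty string.
 *
 * NOTE(review): the password is stored exactly as submitted. Moving to a salted hash
 * needs a matching change in the login code, which is not visible in this file.
 *
 * @param resource   $con Open OCI8 connection.
 * @param int|string $sid Id of the student row to update.
 * @param string     $pic Path of the stored picture, written to PROFILE_PIC.
 */
function update_student_info_with_pic($con, $sid, $pic) {
	// Every value, including the picture path, is a bind variable: neither form input
	// nor an upload-derived file name is concatenated into the SQL text.
	$query = "update student set FIRST_NAME=:fname, LAST_NAME=:lname, GENDER=:gender, " .
			 "BIRTHDAY=:birthday, DEPARTMENT=:department, PHONE=:phone, " .
			 "RELATIONSHIP=:relationship, HOBBIES=:hobbies, PROFILE_PIC=:pic, " .
			 "PASSWORD=:password1 where SID=:sid";
	$stmt = oci_parse($con, $query);

	$post_fields = array("fname", "lname", "gender", "birthday", "department",
						 "phone", "relationship", "hobbies", "password1");
	// oci_bind_by_name() binds by reference, so each value needs its own array slot
	// that stays alive until oci_execute() runs.
	$bound = array();
	foreach ($post_fields as $field) {
		$bound[$field] = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : "";
		oci_bind_by_name($stmt, ":" . $field, $bound[$field]);
	}
	oci_bind_by_name($stmt, ":pic", $pic);
	oci_bind_by_name($stmt, ":sid", $sid);

	oci_execute($stmt);
	oci_free_statement($stmt);
}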

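/**
 * Fetches one student row by id.
 *
 * @param resource   $con Open OCI8 connection.
 * @param int|string $sid Student id to look up.
 * @return array|false Associative array of the row's columns (NULL columns included),
 *                     or false when no row was fetched.
 */
function get_student_info_with_con($con, $sid) {
	// The id is bound, not concatenated, so the query text is fixed whatever $sid holds.
	$stmt = oci_parse($con, "select * from student where sid = :sid");
	oci_bind_by_name($stmt, ":sid", $sid);
	oci_execute($stmt);
	$student = oci_fetch_array($stmt, OCI_ASSOC+OCI_RETURN_NULLS);
	oci_free_statement($stmt);
	return $student;
}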
?>
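<?php
// Pre-compute the value="..." attribute for each text field of the profile form.
// A submitted value wins over the stored one, so the form redisplays what the user typed.
// Both sources are HTML-escaped and placed in a double-quoted attribute: echoing them
// raw let a quote character in the input close the attribute and inject markup.
// GB2312 matches the charset declared in this page's meta tag.
$profile_text_fields = array(
	"fname"      => "FIRST_NAME",
	"lname"      => "LAST_NAME",
	"birthday"   => "BIRTHDAY",
	"department" => "DEPARTMENT",
	"phone"      => "PHONE",
	"hobbies"    => "HOBBIES",
);
$value_attr = array();
foreach ($profile_text_fields as $post_key => $column) {
	if (isset($_POST[$post_key]) && is_string($_POST[$post_key])) {
		$raw_value = $_POST[$post_key];
	} elseif (!empty($student[$column])) {
		$raw_value = $student[$column];
	} else {
		$raw_value = null;
	}
	$value_attr[$post_key] = ($raw_value === null)
		? ""
		: ' value="' . htmlspecialchars((string) $raw_value, ENT_QUOTES, 'GB2312') . '"';
}
$profile_pic_src = empty($student["PROFILE_PIC"])
	? ""
	: htmlspecialchars((string) $student["PROFILE_PIC"], ENT_QUOTES, 'GB2312');
?>
<div id="Layer3">
<form  action="ProfileSetting.php" method="POST" id="profile_form" name="profile_form" enctype="multipart/form-data">
  <table border="0" style="text-align:right">
  <tr>
    <td colspan="2" style="text-align:center"><h3>Profile Settings</h3></td>
  </tr>
  <tr>
  	<td colspan="2" style="text-align:center"><img src="<?php echo $profile_pic_src; ?>" alt="Profile picture" width="100" height="66"/></td>
  </tr>
  <tr>
  	<td colspan="2" style="text-align:right">Profile Photo: <input type="file" name="profile_pic" id="profile_pic" accept="image/gif,image/jpeg,image/pjpeg"/></td>
  </tr>
  <tr>
    <td><div align="right"><font color=#FF3300>*</font> First Name: </div></td>
    <td>
        <input type="text" name="fname"<?php echo $value_attr["fname"]; ?> />
    </td>
  </tr>
  <tr>
    <td><font color=#FF3300>*</font> Last Name: </td>
    <td>
        <input type="text" name="lname"<?php echo $value_attr["lname"]; ?> />
    </td>
  </tr>
    <tr>
    <td>Gender: </td>
    <td>
        <select name="gender">
				  <option value="N" <?php if($student["GENDER"]=="N") echo "selected"; ?>>--</option>
				  <option value="F" <?php if($student["GENDER"]=="F") echo "selected"; ?>>Female</option>
 				  <option value="M" <?php if($student["GENDER"]=="M") echo "selected"; ?>>Male</option>
		</select> 
    </td>
  </tr>
  <tr>
    <td>Birthday(DD-MMM-YY): </td>	<?php // To do: use "select" tag ?>
    <td>
        <input type="text" name="birthday"<?php echo $value_attr["birthday"]; ?> />
    </td>
  </tr>
  <tr>
    <td>Department: </td>	<?php // To do: use select tag ?>
    <td>
        <input type="text" name="department"<?php echo $value_attr["department"]; ?> />
    </td>
  </tr>
  <tr>
    <td>Phone: </td>	<?php // To do: validate phone ?>
    <td>
        <input type="text" name="phone"<?php echo $value_attr["phone"]; ?> />
    </td>
  </tr>
  <tr>
    <td>Relationship: </td>
    <td>
        <select name="relationship">
				  <option value="NULL">--</option>
				  <option value="Single" <?php if($student["RELATIONSHIP"]=="Single") echo "selected"; ?>>Single</option>
				  <option value="Available" <?php if($student["RELATIONSHIP"]=="Available") echo "selected"; ?>>Available</option>
 				  <option value="Date" <?php if($student["RELATIONSHIP"]=="Date") echo "selected"; ?>>In a relationship</option>
				  <option value="Engaged" <?php if($student["RELATIONSHIP"]=="Engaged") echo "selected"; ?>>Engaged</option>
				  <option value="Married" <?php if($student["RELATIONSHIP"]=="Married") echo "selected"; ?>>Married</option>
		</select> 
    </td>
  </tr>
  <tr>
    <td>Hobbies: </td>
    <td>
        <input type="text" name="hobbies"<?php echo $value_attr["hobbies"]; ?> />
    </td>
  </tr>
  <tr>
  	<td colspan="2">
	  <hr />
	</td>
  </tr>
  <?php
  // The password inputs are deliberately rendered without a value. Pre-filling them from
  // the database or from the previous submission put the clear-text password into the
  // page source, where it is readable by anyone with access to the browser or its cache.
  // NOTE(review): no CSRF token or current-password check protects this form; both are
  // worth adding because submitting it replaces the account password.
  ?>
  <tr>
    <td><font color=#FF3300>*</font> Password: </td>	
    <td>
        <input type="password" name="password1" />
    </td>
  </tr>
  <tr>
    <td><font color=#FF3300>*</font> Re-enter Password: </td>
    <td>
        <input type="password" name="password2" />
    </td>
  </tr>
  <tr>
  	<td>
      <input name="submit" type="submit" class="button2" value="Submit" />
	</td>
	<td>
	  <input name="cancel" type="button" class="button2" value="Start Over" onClick="location.href='ProfileSetting.php'" />
	</td>
  </tr>
  <tr>
  	<td colspan="2" style="text-align:center">
	<?php 
	// The error text can include the uploaded file's name, so escape it like any other input.
	if($check_OK) echo "<font color=green><b>" . htmlspecialchars($msg, ENT_QUOTES, 'GB2312') . "</b></font>"; 
	else echo "<font color=red><b>" . htmlspecialchars($error_msg, ENT_QUOTES, 'GB2312') ."</b></font>" ?>
	</td>
  </tr>
</table>
</form>
</div>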
  
  <!-- InstanceEndEditable --></div>
</center>
</body>
<!-- InstanceEnd --></html>
